Описание
In BackgroundLaunchProcessController, there is a possible way to launch arbitrary activity from the background due to BAL Bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Ссылки
- https://android.googlesource.com/platform/frameworks/base/+/653f7b0d234693309dc86161af01831b64033fe6Mailing ListPatch
- PatchVendor Advisory
- https://android.googlesource.com/platform/frameworks/base/+/653f7b0d234693309dc86161af01831b64033fe6Mailing ListPatch
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:12.1:*:*:*:*:*:*:*
cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*
EPSS
Процентиль: 0%
0.00004
Низкий
7.8 High
CVSS3
Дефекты
NVD-CWE-noinfo
CWE-276
Связанные уязвимости
CVSS3: 7.8
github
почти 2 года назад
In BackgroundLaunchProcessController, there is a possible way to launch arbitrary activity from the background due to BAL Bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
EPSS
Процентиль: 0%
0.00004
Низкий
7.8 High
CVSS3
Дефекты
NVD-CWE-noinfo
CWE-276